Shielder

476 posts

Shielder

@ShielderSec

InfoSec boutique. Owning things since 2014. We love to go for the extra mile, where we usually find the best 🦟🐞🪲🪳🐛🐜🕷 the others miss.

Italy Katılım Temmuz 2014

2 Takip Edilen1.6K Takipçiler

Shielder retweetledi

The Linux Foundation@linuxfoundation·16 May

Inspektor Gadget has completed its first security audit. Three vulnerabilities fixed, six hardening recommendations addressed — coordinated by @OSTIFofficial and led by @ShielderSec. > inspektor-gadget.io/blog/2026/04/i…

English

3.7K

Shielder retweetledi

Mindless@Mindlaess_·17 May

Well that was a ride! Happy to share that I've been awarded with the OMSE certificate after successfully completing the "Offensive Mobile Security Expert" course and exam by @8kSec . Thanks to @ShielderSec for this training opportunity and to @8kSec for their top-notch content!

English

424

Shielder retweetledi

Brian Benz@bbenz·12 May

The @OSTIFofficial coordinated #InspektorGadget’s first independent security audit, backed by @CloudNativeFdn and performed by @ShielderSec. Nice example of transparent OSS security work. techcommunity.microsoft.com/blog/LinuxandO… #Kubernetes #eBPF #OpenSource #Security

English

511

Shielder@ShielderSec·30 Nis

Can a hostile container sneak past your eBPF tracing? Sometimes, yes. With @OSTIFofficial & @CloudNativeFdn we audited Inspektor Gadget - 3 vulns (fixed), 6 hardenings, 6 bypasses (io_uring, openat2, jumbo frames…). Work by @ndaprela & @suidpit👏 🔗 shielder.com/blog/2026/04/i…

English

Shielder@ShielderSec·24 Mar

@suidpit @kubernetesio @OSTIFofficial kccnceu2026.sched.com/event/2CW4B/ku…

QME

111

Shielder@ShielderSec·24 Mar

#KubeCon EU starts today and guess what? Our very own @suidpit will be on stage with a panel about the @kubernetesio Security Audit we performed during 2025 with the support of @OSTIFofficial! 🗓️ March 25 - 16:45 CET 📍 Hall 8 | Room F

English

652

Shielder@ShielderSec·19 Mar

Attending @1ns0mn1h4ck? Meet @not4nhacker @Luk3ros and @Sev1rus from our AppSec and Red teams! They are eager to discuss about breaking complex authentication implementations and relaying all the things to DA!

English

470

Shielder@ShielderSec·31 Oca

Love breaking things just to see how they work? 🐛🔨 A @ShielderSec delegation is on the ground at @fosdem, and we're looking for fellow hackers and security researchers. If you are passionate about securing the Open Source world, we definitely need to talk!

English

578

Shielder@ShielderSec·31 Ara

Happy New Year, Hackers! 🎆 We’re looking forward to a 2026 full of crazy exploits, instant patches, and - most importantly - YOU, the amazing human beings behind the screens.

English

389

Shielder@ShielderSec·27 Ara

Bootloaders acting weird? 🐛 If you are at #39c3, catch @ShielderSec's own @Th3Zer0 to geek out over bootloader oddities and low-level vulnerabilities.

English

716

Shielder@ShielderSec·2 Ara

Live in less than 20 min! luma.com/ir16fuig

English

341

Shielder@ShielderSec·25 Kas

Want to learn more about our approach into auditing complex libraries and writing cool exploits? Attend @OSTIFofficial's meetup where our very own @Th3Zer0 and @suidpit will talk about the "Security Audit of OpenEXR" 🗓️: Dec 02 🕗: 20:00 CET RSVP: luma.com/ostif-meetups?…

English

741

Shielder@ShielderSec·28 Eki

Great achievement of our very own @Paupu_95 🎉

Paolo Cavaglià@Paupu_95

Huge thanks to #theSAS25 organization and ppl who voted for this amazing prize! It's been a real pleasure!

English

615

Shielder@ShielderSec·27 Eki

🔥🔥🔥

TheSAS2026@TheSAScon

So, Symantec/Broadcom PAM seems to contain code in PHP, Java, and Perl simultaneously. Guess how many issues are hiding there? @Paupu_95 keeps the tension high, and we still don’t know the answer. This #TheSAS2025 talk is quite thrilling.

ART

416

Shielder@ShielderSec·26 Eki

Attending #theSAS25? Meet @Paupu_95 for his PAM pwnage talk! It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀

Paolo Cavaglià@Paupu_95

Ready for #theSAScon25 in Khao Lak 🇹🇭 🌴 Ping me if u wanna say hi!

English

1.6K

Shielder@ShielderSec·6 Eki

Attending #TheSAS2025? Don't miss our gangster @Paupu_95 pull off a credential heist, taking down a PAM and going from no info to full infra compromise!

TheSAS2026@TheSAScon

You’ve done everything right: least privilege, PAM solution deployed, users don’t even know passwords. What could go wrong? Paolo Cavaglià (@Paupu_95) from Shielder has the answer in his #TheSAS2025 talk, "Grand Theft Credential: Ransomware Gangs’ Wet Dream" 🏰 His team spent two weeks reverse engineering Broadcom’s CA PAM and found 13 vulnerabilities that lead to complete infrastructure takeover. A malicious actor can decrypt all stored credentials, move laterally to every managed host, and own the company. More SAS gold (aka agenda): kas.pr/6rx9

English

795

Shielder@ShielderSec·27 Eyl

👀 @cybersaiyanIT

QME

425

Shielder retweetledi

smaury 4.7@smaury92·7 Ağu

👋🏿 Hackers! Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? @ShielderSec is hiring a Red Teaming Lead to join our crew! More info ⬇️ (share appreciated) #hiring #redteaming romhack.io/job-opportunit…

English

2.6K

Shielder@ShielderSec·31 Tem

@OSTIFofficial @AcademySwf @ndaprela @smaury92 @suidpit @Th3Zer0 Blog post: shielder.com/blog/2025/07/m… Reports: github.com/ShielderSec/pu…

English

285

Shielder@ShielderSec·31 Tem

🚨 New Open Source Audit Alert! 🚨 Shielder, with @OSTIFofficial & @AcademySwf, audited OpenEXR and MaterialX: 🔍 11 issues found (1 critical, 3 still to be published) ✔️ Most fixed, others planned 🗣️ to @ndaprela @smaury92 @suidpit @Th3Zer0 Full details in the blog post ⬇️🧵

English

2.1K

Keşfet

@OSTIFofficial @8kSec @CloudNativeFdn @ndaprela @suidpit @kubernetesio @1ns0mn1h4ck @not4nhacker